15b9c547cSRui Paulo /*
25b9c547cSRui Paulo * SecY Operations
35b9c547cSRui Paulo * Copyright (c) 2013, Qualcomm Atheros, Inc.
45b9c547cSRui Paulo *
55b9c547cSRui Paulo * This software may be distributed under the terms of the BSD license.
65b9c547cSRui Paulo * See README for more details.
75b9c547cSRui Paulo */
85b9c547cSRui Paulo
95b9c547cSRui Paulo #include "utils/includes.h"
105b9c547cSRui Paulo
115b9c547cSRui Paulo #include "utils/common.h"
125b9c547cSRui Paulo #include "utils/eloop.h"
135b9c547cSRui Paulo #include "common/defs.h"
145b9c547cSRui Paulo #include "drivers/driver.h"
155b9c547cSRui Paulo #include "pae/ieee802_1x_kay.h"
165b9c547cSRui Paulo #include "pae/ieee802_1x_kay_i.h"
175b9c547cSRui Paulo #include "pae/ieee802_1x_secy_ops.h"
185b9c547cSRui Paulo
195b9c547cSRui Paulo
secy_cp_control_validate_frames(struct ieee802_1x_kay * kay,enum validate_frames vf)205b9c547cSRui Paulo int secy_cp_control_validate_frames(struct ieee802_1x_kay *kay,
215b9c547cSRui Paulo enum validate_frames vf)
225b9c547cSRui Paulo {
235b9c547cSRui Paulo kay->vf = vf;
245b9c547cSRui Paulo return 0;
255b9c547cSRui Paulo }
265b9c547cSRui Paulo
275b9c547cSRui Paulo
secy_cp_control_protect_frames(struct ieee802_1x_kay * kay,bool enabled)28*c1d255d3SCy Schubert int secy_cp_control_protect_frames(struct ieee802_1x_kay *kay, bool enabled)
295b9c547cSRui Paulo {
305b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
315b9c547cSRui Paulo
325b9c547cSRui Paulo if (!kay) {
335b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
345b9c547cSRui Paulo return -1;
355b9c547cSRui Paulo }
365b9c547cSRui Paulo
375b9c547cSRui Paulo ops = kay->ctx;
385b9c547cSRui Paulo if (!ops || !ops->enable_protect_frames) {
395b9c547cSRui Paulo wpa_printf(MSG_ERROR,
405b9c547cSRui Paulo "KaY: secy enable_protect_frames operation not supported");
415b9c547cSRui Paulo return -1;
425b9c547cSRui Paulo }
435b9c547cSRui Paulo
445b9c547cSRui Paulo return ops->enable_protect_frames(ops->ctx, enabled);
455b9c547cSRui Paulo }
465b9c547cSRui Paulo
475b9c547cSRui Paulo
secy_cp_control_encrypt(struct ieee802_1x_kay * kay,bool enabled)48*c1d255d3SCy Schubert int secy_cp_control_encrypt(struct ieee802_1x_kay *kay, bool enabled)
4985732ac8SCy Schubert {
5085732ac8SCy Schubert struct ieee802_1x_kay_ctx *ops;
5185732ac8SCy Schubert
5285732ac8SCy Schubert if (!kay) {
5385732ac8SCy Schubert wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
5485732ac8SCy Schubert return -1;
5585732ac8SCy Schubert }
5685732ac8SCy Schubert
5785732ac8SCy Schubert ops = kay->ctx;
5885732ac8SCy Schubert if (!ops || !ops->enable_encrypt) {
5985732ac8SCy Schubert wpa_printf(MSG_ERROR,
6085732ac8SCy Schubert "KaY: secy enable_encrypt operation not supported");
6185732ac8SCy Schubert return -1;
6285732ac8SCy Schubert }
6385732ac8SCy Schubert
6485732ac8SCy Schubert return ops->enable_encrypt(ops->ctx, enabled);
6585732ac8SCy Schubert }
6685732ac8SCy Schubert
6785732ac8SCy Schubert
secy_cp_control_replay(struct ieee802_1x_kay * kay,bool enabled,u32 win)68*c1d255d3SCy Schubert int secy_cp_control_replay(struct ieee802_1x_kay *kay, bool enabled, u32 win)
695b9c547cSRui Paulo {
705b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
715b9c547cSRui Paulo
725b9c547cSRui Paulo if (!kay) {
735b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
745b9c547cSRui Paulo return -1;
755b9c547cSRui Paulo }
765b9c547cSRui Paulo
775b9c547cSRui Paulo ops = kay->ctx;
785b9c547cSRui Paulo if (!ops || !ops->set_replay_protect) {
795b9c547cSRui Paulo wpa_printf(MSG_ERROR,
805b9c547cSRui Paulo "KaY: secy set_replay_protect operation not supported");
815b9c547cSRui Paulo return -1;
825b9c547cSRui Paulo }
835b9c547cSRui Paulo
845b9c547cSRui Paulo return ops->set_replay_protect(ops->ctx, enabled, win);
855b9c547cSRui Paulo }
865b9c547cSRui Paulo
875b9c547cSRui Paulo
secy_cp_control_current_cipher_suite(struct ieee802_1x_kay * kay,u64 cs)88780fb4a2SCy Schubert int secy_cp_control_current_cipher_suite(struct ieee802_1x_kay *kay, u64 cs)
895b9c547cSRui Paulo {
905b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
915b9c547cSRui Paulo
925b9c547cSRui Paulo if (!kay) {
935b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
945b9c547cSRui Paulo return -1;
955b9c547cSRui Paulo }
965b9c547cSRui Paulo
975b9c547cSRui Paulo ops = kay->ctx;
985b9c547cSRui Paulo if (!ops || !ops->set_current_cipher_suite) {
995b9c547cSRui Paulo wpa_printf(MSG_ERROR,
1005b9c547cSRui Paulo "KaY: secy set_current_cipher_suite operation not supported");
1015b9c547cSRui Paulo return -1;
1025b9c547cSRui Paulo }
1035b9c547cSRui Paulo
104780fb4a2SCy Schubert return ops->set_current_cipher_suite(ops->ctx, cs);
1055b9c547cSRui Paulo }
1065b9c547cSRui Paulo
1075b9c547cSRui Paulo
secy_cp_control_confidentiality_offset(struct ieee802_1x_kay * kay,enum confidentiality_offset co)1085b9c547cSRui Paulo int secy_cp_control_confidentiality_offset(struct ieee802_1x_kay *kay,
1095b9c547cSRui Paulo enum confidentiality_offset co)
1105b9c547cSRui Paulo {
1115b9c547cSRui Paulo kay->co = co;
1125b9c547cSRui Paulo return 0;
1135b9c547cSRui Paulo }
1145b9c547cSRui Paulo
1155b9c547cSRui Paulo
secy_cp_control_enable_port(struct ieee802_1x_kay * kay,bool enabled)116*c1d255d3SCy Schubert int secy_cp_control_enable_port(struct ieee802_1x_kay *kay, bool enabled)
1175b9c547cSRui Paulo {
1185b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
1195b9c547cSRui Paulo
1205b9c547cSRui Paulo if (!kay) {
1215b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
1225b9c547cSRui Paulo return -1;
1235b9c547cSRui Paulo }
1245b9c547cSRui Paulo
1255b9c547cSRui Paulo ops = kay->ctx;
1265b9c547cSRui Paulo if (!ops || !ops->enable_controlled_port) {
1275b9c547cSRui Paulo wpa_printf(MSG_ERROR,
1285b9c547cSRui Paulo "KaY: secy enable_controlled_port operation not supported");
1295b9c547cSRui Paulo return -1;
1305b9c547cSRui Paulo }
1315b9c547cSRui Paulo
1325b9c547cSRui Paulo return ops->enable_controlled_port(ops->ctx, enabled);
1335b9c547cSRui Paulo }
1345b9c547cSRui Paulo
1355b9c547cSRui Paulo
secy_get_capability(struct ieee802_1x_kay * kay,enum macsec_cap * cap)13685732ac8SCy Schubert int secy_get_capability(struct ieee802_1x_kay *kay, enum macsec_cap *cap)
13785732ac8SCy Schubert {
13885732ac8SCy Schubert struct ieee802_1x_kay_ctx *ops;
13985732ac8SCy Schubert
14085732ac8SCy Schubert if (!kay) {
14185732ac8SCy Schubert wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
14285732ac8SCy Schubert return -1;
14385732ac8SCy Schubert }
14485732ac8SCy Schubert
14585732ac8SCy Schubert ops = kay->ctx;
14685732ac8SCy Schubert if (!ops || !ops->macsec_get_capability) {
14785732ac8SCy Schubert wpa_printf(MSG_ERROR,
14885732ac8SCy Schubert "KaY: secy macsec_get_capability operation not supported");
14985732ac8SCy Schubert return -1;
15085732ac8SCy Schubert }
15185732ac8SCy Schubert
15285732ac8SCy Schubert return ops->macsec_get_capability(ops->ctx, cap);
15385732ac8SCy Schubert }
15485732ac8SCy Schubert
15585732ac8SCy Schubert
secy_get_receive_lowest_pn(struct ieee802_1x_kay * kay,struct receive_sa * rxsa)1565b9c547cSRui Paulo int secy_get_receive_lowest_pn(struct ieee802_1x_kay *kay,
1575b9c547cSRui Paulo struct receive_sa *rxsa)
1585b9c547cSRui Paulo {
1595b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
1605b9c547cSRui Paulo
1615b9c547cSRui Paulo if (!kay || !rxsa) {
1625b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
1635b9c547cSRui Paulo return -1;
1645b9c547cSRui Paulo }
1655b9c547cSRui Paulo
1665b9c547cSRui Paulo ops = kay->ctx;
1675b9c547cSRui Paulo if (!ops || !ops->get_receive_lowest_pn) {
1685b9c547cSRui Paulo wpa_printf(MSG_ERROR,
1695b9c547cSRui Paulo "KaY: secy get_receive_lowest_pn operation not supported");
1705b9c547cSRui Paulo return -1;
1715b9c547cSRui Paulo }
1725b9c547cSRui Paulo
17385732ac8SCy Schubert return ops->get_receive_lowest_pn(ops->ctx, rxsa);
1745b9c547cSRui Paulo }
1755b9c547cSRui Paulo
1765b9c547cSRui Paulo
secy_get_transmit_next_pn(struct ieee802_1x_kay * kay,struct transmit_sa * txsa)1775b9c547cSRui Paulo int secy_get_transmit_next_pn(struct ieee802_1x_kay *kay,
1785b9c547cSRui Paulo struct transmit_sa *txsa)
1795b9c547cSRui Paulo {
1805b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
1815b9c547cSRui Paulo
1825b9c547cSRui Paulo if (!kay || !txsa) {
1835b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
1845b9c547cSRui Paulo return -1;
1855b9c547cSRui Paulo }
1865b9c547cSRui Paulo
1875b9c547cSRui Paulo ops = kay->ctx;
1885b9c547cSRui Paulo if (!ops || !ops->get_transmit_next_pn) {
1895b9c547cSRui Paulo wpa_printf(MSG_ERROR,
1904bc52338SCy Schubert "KaY: secy get_transmit_next_pn operation not supported");
1915b9c547cSRui Paulo return -1;
1925b9c547cSRui Paulo }
1935b9c547cSRui Paulo
19485732ac8SCy Schubert return ops->get_transmit_next_pn(ops->ctx, txsa);
1955b9c547cSRui Paulo }
1965b9c547cSRui Paulo
1975b9c547cSRui Paulo
secy_set_transmit_next_pn(struct ieee802_1x_kay * kay,struct transmit_sa * txsa)1985b9c547cSRui Paulo int secy_set_transmit_next_pn(struct ieee802_1x_kay *kay,
1995b9c547cSRui Paulo struct transmit_sa *txsa)
2005b9c547cSRui Paulo {
2015b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
2025b9c547cSRui Paulo
2035b9c547cSRui Paulo if (!kay || !txsa) {
2045b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
2055b9c547cSRui Paulo return -1;
2065b9c547cSRui Paulo }
2075b9c547cSRui Paulo
2085b9c547cSRui Paulo ops = kay->ctx;
2095b9c547cSRui Paulo if (!ops || !ops->set_transmit_next_pn) {
2105b9c547cSRui Paulo wpa_printf(MSG_ERROR,
2114bc52338SCy Schubert "KaY: secy set_transmit_next_pn operation not supported");
2125b9c547cSRui Paulo return -1;
2135b9c547cSRui Paulo }
2145b9c547cSRui Paulo
21585732ac8SCy Schubert return ops->set_transmit_next_pn(ops->ctx, txsa);
2165b9c547cSRui Paulo }
2175b9c547cSRui Paulo
2185b9c547cSRui Paulo
secy_set_receive_lowest_pn(struct ieee802_1x_kay * kay,struct receive_sa * rxsa)2194bc52338SCy Schubert int secy_set_receive_lowest_pn(struct ieee802_1x_kay *kay,
2204bc52338SCy Schubert struct receive_sa *rxsa)
2214bc52338SCy Schubert {
2224bc52338SCy Schubert struct ieee802_1x_kay_ctx *ops;
2234bc52338SCy Schubert
2244bc52338SCy Schubert if (!kay || !rxsa) {
2254bc52338SCy Schubert wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
2264bc52338SCy Schubert return -1;
2274bc52338SCy Schubert }
2284bc52338SCy Schubert
2294bc52338SCy Schubert ops = kay->ctx;
2304bc52338SCy Schubert if (!ops || !ops->set_receive_lowest_pn) {
2314bc52338SCy Schubert wpa_printf(MSG_ERROR,
2324bc52338SCy Schubert "KaY: secy set_receive_lowest_pn operation not supported");
2334bc52338SCy Schubert return -1;
2344bc52338SCy Schubert }
2354bc52338SCy Schubert
2364bc52338SCy Schubert return ops->set_receive_lowest_pn(ops->ctx, rxsa);
2374bc52338SCy Schubert }
2384bc52338SCy Schubert
2394bc52338SCy Schubert
secy_create_receive_sc(struct ieee802_1x_kay * kay,struct receive_sc * rxsc)2405b9c547cSRui Paulo int secy_create_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
2415b9c547cSRui Paulo {
2425b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
2435b9c547cSRui Paulo
2445b9c547cSRui Paulo if (!kay || !rxsc) {
2455b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
2465b9c547cSRui Paulo return -1;
2475b9c547cSRui Paulo }
2485b9c547cSRui Paulo
2495b9c547cSRui Paulo ops = kay->ctx;
2505b9c547cSRui Paulo if (!ops || !ops->create_receive_sc) {
2515b9c547cSRui Paulo wpa_printf(MSG_ERROR,
2525b9c547cSRui Paulo "KaY: secy create_receive_sc operation not supported");
2535b9c547cSRui Paulo return -1;
2545b9c547cSRui Paulo }
2555b9c547cSRui Paulo
25685732ac8SCy Schubert return ops->create_receive_sc(ops->ctx, rxsc, kay->vf, kay->co);
2575b9c547cSRui Paulo }
2585b9c547cSRui Paulo
2595b9c547cSRui Paulo
secy_delete_receive_sc(struct ieee802_1x_kay * kay,struct receive_sc * rxsc)2605b9c547cSRui Paulo int secy_delete_receive_sc(struct ieee802_1x_kay *kay, struct receive_sc *rxsc)
2615b9c547cSRui Paulo {
2625b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
2635b9c547cSRui Paulo
2645b9c547cSRui Paulo if (!kay || !rxsc) {
2655b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
2665b9c547cSRui Paulo return -1;
2675b9c547cSRui Paulo }
2685b9c547cSRui Paulo
2695b9c547cSRui Paulo ops = kay->ctx;
2705b9c547cSRui Paulo if (!ops || !ops->delete_receive_sc) {
2715b9c547cSRui Paulo wpa_printf(MSG_ERROR,
2725b9c547cSRui Paulo "KaY: secy delete_receive_sc operation not supported");
2735b9c547cSRui Paulo return -1;
2745b9c547cSRui Paulo }
2755b9c547cSRui Paulo
27685732ac8SCy Schubert return ops->delete_receive_sc(ops->ctx, rxsc);
2775b9c547cSRui Paulo }
2785b9c547cSRui Paulo
2795b9c547cSRui Paulo
secy_create_receive_sa(struct ieee802_1x_kay * kay,struct receive_sa * rxsa)2805b9c547cSRui Paulo int secy_create_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
2815b9c547cSRui Paulo {
2825b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
2835b9c547cSRui Paulo
2845b9c547cSRui Paulo if (!kay || !rxsa) {
2855b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
2865b9c547cSRui Paulo return -1;
2875b9c547cSRui Paulo }
2885b9c547cSRui Paulo
2895b9c547cSRui Paulo ops = kay->ctx;
2905b9c547cSRui Paulo if (!ops || !ops->create_receive_sa) {
2915b9c547cSRui Paulo wpa_printf(MSG_ERROR,
2925b9c547cSRui Paulo "KaY: secy create_receive_sa operation not supported");
2935b9c547cSRui Paulo return -1;
2945b9c547cSRui Paulo }
2955b9c547cSRui Paulo
29685732ac8SCy Schubert return ops->create_receive_sa(ops->ctx, rxsa);
29785732ac8SCy Schubert }
29885732ac8SCy Schubert
29985732ac8SCy Schubert
secy_delete_receive_sa(struct ieee802_1x_kay * kay,struct receive_sa * rxsa)30085732ac8SCy Schubert int secy_delete_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
30185732ac8SCy Schubert {
30285732ac8SCy Schubert struct ieee802_1x_kay_ctx *ops;
30385732ac8SCy Schubert
30485732ac8SCy Schubert if (!kay || !rxsa) {
30585732ac8SCy Schubert wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
30685732ac8SCy Schubert return -1;
30785732ac8SCy Schubert }
30885732ac8SCy Schubert
30985732ac8SCy Schubert ops = kay->ctx;
31085732ac8SCy Schubert if (!ops || !ops->delete_receive_sa) {
31185732ac8SCy Schubert wpa_printf(MSG_ERROR,
31285732ac8SCy Schubert "KaY: secy delete_receive_sa operation not supported");
31385732ac8SCy Schubert return -1;
31485732ac8SCy Schubert }
31585732ac8SCy Schubert
31685732ac8SCy Schubert return ops->delete_receive_sa(ops->ctx, rxsa);
3175b9c547cSRui Paulo }
3185b9c547cSRui Paulo
3195b9c547cSRui Paulo
secy_enable_receive_sa(struct ieee802_1x_kay * kay,struct receive_sa * rxsa)3205b9c547cSRui Paulo int secy_enable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
3215b9c547cSRui Paulo {
3225b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
3235b9c547cSRui Paulo
3245b9c547cSRui Paulo if (!kay || !rxsa) {
3255b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
3265b9c547cSRui Paulo return -1;
3275b9c547cSRui Paulo }
3285b9c547cSRui Paulo
3295b9c547cSRui Paulo ops = kay->ctx;
3305b9c547cSRui Paulo if (!ops || !ops->enable_receive_sa) {
3315b9c547cSRui Paulo wpa_printf(MSG_ERROR,
3325b9c547cSRui Paulo "KaY: secy enable_receive_sa operation not supported");
3335b9c547cSRui Paulo return -1;
3345b9c547cSRui Paulo }
3355b9c547cSRui Paulo
336*c1d255d3SCy Schubert rxsa->enable_receive = true;
3375b9c547cSRui Paulo
33885732ac8SCy Schubert return ops->enable_receive_sa(ops->ctx, rxsa);
3395b9c547cSRui Paulo }
3405b9c547cSRui Paulo
3415b9c547cSRui Paulo
secy_disable_receive_sa(struct ieee802_1x_kay * kay,struct receive_sa * rxsa)3425b9c547cSRui Paulo int secy_disable_receive_sa(struct ieee802_1x_kay *kay, struct receive_sa *rxsa)
3435b9c547cSRui Paulo {
3445b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
3455b9c547cSRui Paulo
3465b9c547cSRui Paulo if (!kay || !rxsa) {
3475b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
3485b9c547cSRui Paulo return -1;
3495b9c547cSRui Paulo }
3505b9c547cSRui Paulo
3515b9c547cSRui Paulo ops = kay->ctx;
3525b9c547cSRui Paulo if (!ops || !ops->disable_receive_sa) {
3535b9c547cSRui Paulo wpa_printf(MSG_ERROR,
3545b9c547cSRui Paulo "KaY: secy disable_receive_sa operation not supported");
3555b9c547cSRui Paulo return -1;
3565b9c547cSRui Paulo }
3575b9c547cSRui Paulo
358*c1d255d3SCy Schubert rxsa->enable_receive = false;
3595b9c547cSRui Paulo
36085732ac8SCy Schubert return ops->disable_receive_sa(ops->ctx, rxsa);
3615b9c547cSRui Paulo }
3625b9c547cSRui Paulo
3635b9c547cSRui Paulo
secy_create_transmit_sc(struct ieee802_1x_kay * kay,struct transmit_sc * txsc)3645b9c547cSRui Paulo int secy_create_transmit_sc(struct ieee802_1x_kay *kay,
3655b9c547cSRui Paulo struct transmit_sc *txsc)
3665b9c547cSRui Paulo {
3675b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
3685b9c547cSRui Paulo
3695b9c547cSRui Paulo if (!kay || !txsc) {
3705b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
3715b9c547cSRui Paulo return -1;
3725b9c547cSRui Paulo }
3735b9c547cSRui Paulo
3745b9c547cSRui Paulo ops = kay->ctx;
3755b9c547cSRui Paulo if (!ops || !ops->create_transmit_sc) {
3765b9c547cSRui Paulo wpa_printf(MSG_ERROR,
3775b9c547cSRui Paulo "KaY: secy create_transmit_sc operation not supported");
3785b9c547cSRui Paulo return -1;
3795b9c547cSRui Paulo }
3805b9c547cSRui Paulo
38185732ac8SCy Schubert return ops->create_transmit_sc(ops->ctx, txsc, kay->co);
3825b9c547cSRui Paulo }
3835b9c547cSRui Paulo
3845b9c547cSRui Paulo
secy_delete_transmit_sc(struct ieee802_1x_kay * kay,struct transmit_sc * txsc)3855b9c547cSRui Paulo int secy_delete_transmit_sc(struct ieee802_1x_kay *kay,
3865b9c547cSRui Paulo struct transmit_sc *txsc)
3875b9c547cSRui Paulo {
3885b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
3895b9c547cSRui Paulo
3905b9c547cSRui Paulo if (!kay || !txsc) {
3915b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
3925b9c547cSRui Paulo return -1;
3935b9c547cSRui Paulo }
3945b9c547cSRui Paulo
3955b9c547cSRui Paulo ops = kay->ctx;
3965b9c547cSRui Paulo if (!ops || !ops->delete_transmit_sc) {
3975b9c547cSRui Paulo wpa_printf(MSG_ERROR,
3985b9c547cSRui Paulo "KaY: secy delete_transmit_sc operation not supported");
3995b9c547cSRui Paulo return -1;
4005b9c547cSRui Paulo }
4015b9c547cSRui Paulo
40285732ac8SCy Schubert return ops->delete_transmit_sc(ops->ctx, txsc);
4035b9c547cSRui Paulo }
4045b9c547cSRui Paulo
4055b9c547cSRui Paulo
secy_create_transmit_sa(struct ieee802_1x_kay * kay,struct transmit_sa * txsa)4065b9c547cSRui Paulo int secy_create_transmit_sa(struct ieee802_1x_kay *kay,
4075b9c547cSRui Paulo struct transmit_sa *txsa)
4085b9c547cSRui Paulo {
4095b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
4105b9c547cSRui Paulo
4115b9c547cSRui Paulo if (!kay || !txsa) {
4125b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
4135b9c547cSRui Paulo return -1;
4145b9c547cSRui Paulo }
4155b9c547cSRui Paulo
4165b9c547cSRui Paulo ops = kay->ctx;
4175b9c547cSRui Paulo if (!ops || !ops->create_transmit_sa) {
4185b9c547cSRui Paulo wpa_printf(MSG_ERROR,
4195b9c547cSRui Paulo "KaY: secy create_transmit_sa operation not supported");
4205b9c547cSRui Paulo return -1;
4215b9c547cSRui Paulo }
4225b9c547cSRui Paulo
42385732ac8SCy Schubert return ops->create_transmit_sa(ops->ctx, txsa);
42485732ac8SCy Schubert }
42585732ac8SCy Schubert
42685732ac8SCy Schubert
secy_delete_transmit_sa(struct ieee802_1x_kay * kay,struct transmit_sa * txsa)42785732ac8SCy Schubert int secy_delete_transmit_sa(struct ieee802_1x_kay *kay,
42885732ac8SCy Schubert struct transmit_sa *txsa)
42985732ac8SCy Schubert {
43085732ac8SCy Schubert struct ieee802_1x_kay_ctx *ops;
43185732ac8SCy Schubert
43285732ac8SCy Schubert if (!kay || !txsa) {
43385732ac8SCy Schubert wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
43485732ac8SCy Schubert return -1;
43585732ac8SCy Schubert }
43685732ac8SCy Schubert
43785732ac8SCy Schubert ops = kay->ctx;
43885732ac8SCy Schubert if (!ops || !ops->delete_transmit_sa) {
43985732ac8SCy Schubert wpa_printf(MSG_ERROR,
44085732ac8SCy Schubert "KaY: secy delete_transmit_sa operation not supported");
44185732ac8SCy Schubert return -1;
44285732ac8SCy Schubert }
44385732ac8SCy Schubert
44485732ac8SCy Schubert return ops->delete_transmit_sa(ops->ctx, txsa);
4455b9c547cSRui Paulo }
4465b9c547cSRui Paulo
4475b9c547cSRui Paulo
secy_enable_transmit_sa(struct ieee802_1x_kay * kay,struct transmit_sa * txsa)4485b9c547cSRui Paulo int secy_enable_transmit_sa(struct ieee802_1x_kay *kay,
4495b9c547cSRui Paulo struct transmit_sa *txsa)
4505b9c547cSRui Paulo {
4515b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
4525b9c547cSRui Paulo
4535b9c547cSRui Paulo if (!kay || !txsa) {
4545b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
4555b9c547cSRui Paulo return -1;
4565b9c547cSRui Paulo }
4575b9c547cSRui Paulo
4585b9c547cSRui Paulo ops = kay->ctx;
4595b9c547cSRui Paulo if (!ops || !ops->enable_transmit_sa) {
4605b9c547cSRui Paulo wpa_printf(MSG_ERROR,
4615b9c547cSRui Paulo "KaY: secy enable_transmit_sa operation not supported");
4625b9c547cSRui Paulo return -1;
4635b9c547cSRui Paulo }
4645b9c547cSRui Paulo
465*c1d255d3SCy Schubert txsa->enable_transmit = true;
4665b9c547cSRui Paulo
46785732ac8SCy Schubert return ops->enable_transmit_sa(ops->ctx, txsa);
4685b9c547cSRui Paulo }
4695b9c547cSRui Paulo
4705b9c547cSRui Paulo
secy_disable_transmit_sa(struct ieee802_1x_kay * kay,struct transmit_sa * txsa)4715b9c547cSRui Paulo int secy_disable_transmit_sa(struct ieee802_1x_kay *kay,
4725b9c547cSRui Paulo struct transmit_sa *txsa)
4735b9c547cSRui Paulo {
4745b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
4755b9c547cSRui Paulo
4765b9c547cSRui Paulo if (!kay || !txsa) {
4775b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
4785b9c547cSRui Paulo return -1;
4795b9c547cSRui Paulo }
4805b9c547cSRui Paulo
4815b9c547cSRui Paulo ops = kay->ctx;
4825b9c547cSRui Paulo if (!ops || !ops->disable_transmit_sa) {
4835b9c547cSRui Paulo wpa_printf(MSG_ERROR,
4845b9c547cSRui Paulo "KaY: secy disable_transmit_sa operation not supported");
4855b9c547cSRui Paulo return -1;
4865b9c547cSRui Paulo }
4875b9c547cSRui Paulo
488*c1d255d3SCy Schubert txsa->enable_transmit = false;
4895b9c547cSRui Paulo
49085732ac8SCy Schubert return ops->disable_transmit_sa(ops->ctx, txsa);
4915b9c547cSRui Paulo }
4925b9c547cSRui Paulo
4935b9c547cSRui Paulo
secy_init_macsec(struct ieee802_1x_kay * kay)4945b9c547cSRui Paulo int secy_init_macsec(struct ieee802_1x_kay *kay)
4955b9c547cSRui Paulo {
4965b9c547cSRui Paulo int ret;
4975b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
4985b9c547cSRui Paulo struct macsec_init_params params;
4995b9c547cSRui Paulo
5005b9c547cSRui Paulo if (!kay) {
5015b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
5025b9c547cSRui Paulo return -1;
5035b9c547cSRui Paulo }
5045b9c547cSRui Paulo
5055b9c547cSRui Paulo ops = kay->ctx;
5065b9c547cSRui Paulo if (!ops || !ops->macsec_init) {
5075b9c547cSRui Paulo wpa_printf(MSG_ERROR,
5085b9c547cSRui Paulo "KaY: secy macsec_init operation not supported");
5095b9c547cSRui Paulo return -1;
5105b9c547cSRui Paulo }
5115b9c547cSRui Paulo
512*c1d255d3SCy Schubert params.use_es = false;
513*c1d255d3SCy Schubert params.use_scb = false;
514*c1d255d3SCy Schubert params.always_include_sci = true;
5155b9c547cSRui Paulo
5165b9c547cSRui Paulo ret = ops->macsec_init(ops->ctx, ¶ms);
5175b9c547cSRui Paulo
5185b9c547cSRui Paulo return ret;
5195b9c547cSRui Paulo }
5205b9c547cSRui Paulo
5215b9c547cSRui Paulo
secy_deinit_macsec(struct ieee802_1x_kay * kay)5225b9c547cSRui Paulo int secy_deinit_macsec(struct ieee802_1x_kay *kay)
5235b9c547cSRui Paulo {
5245b9c547cSRui Paulo struct ieee802_1x_kay_ctx *ops;
5255b9c547cSRui Paulo
5265b9c547cSRui Paulo if (!kay) {
5275b9c547cSRui Paulo wpa_printf(MSG_ERROR, "KaY: %s params invalid", __func__);
5285b9c547cSRui Paulo return -1;
5295b9c547cSRui Paulo }
5305b9c547cSRui Paulo
5315b9c547cSRui Paulo ops = kay->ctx;
5325b9c547cSRui Paulo if (!ops || !ops->macsec_deinit) {
5335b9c547cSRui Paulo wpa_printf(MSG_ERROR,
5345b9c547cSRui Paulo "KaY: secy macsec_deinit operation not supported");
5355b9c547cSRui Paulo return -1;
5365b9c547cSRui Paulo }
5375b9c547cSRui Paulo
5385b9c547cSRui Paulo return ops->macsec_deinit(ops->ctx);
5395b9c547cSRui Paulo }
540